smokeloader

General

Target

2024-04-25_5a9d4526bb3d2ca0eeeab48ad4880c75_karagany_mafia
Size

268KB
Sample

240425-1mvd4afe52
MD5

5a9d4526bb3d2ca0eeeab48ad4880c75
SHA1

f1c1cad4938264dd7c59439a34cfc64a32cd9b8e
SHA256

a9e4f07716bea93257685954bc0e1e5136b65b274b1acbf6bb71654f3294ebb2
SHA512

967b491f125c0372f9292165774181e0f77049c97e5798af8f42140b4d590af67a2039af710d92c412dabffd226c403ec6c720539a4f7aa34b0f8c7a2d3d22dc
SSDEEP

3072:/91ujsVE6yEmOCPT+wBNJjNvdMKEnv5yZN7nUZmfjWVoqnM4p:/9/VE4XCqYP3MN8IZmfjWWAM4p

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Version

2018

C2

http://xrbwgb.com/gate.php

http://th5ijd5gds.xyz/gate.php

http://c82psxpjd8.top/gate.php

http://7ui3n2rezz.top/gate.php

rc4.i32

Targets

- Target
  
  2024-04-25_5a9d4526bb3d2ca0eeeab48ad4880c75_karagany_mafia
- Size
  
  268KB
- MD5
  
  5a9d4526bb3d2ca0eeeab48ad4880c75
- SHA1
  
  f1c1cad4938264dd7c59439a34cfc64a32cd9b8e
- SHA256
  
  a9e4f07716bea93257685954bc0e1e5136b65b274b1acbf6bb71654f3294ebb2
- SHA512
  
  967b491f125c0372f9292165774181e0f77049c97e5798af8f42140b4d590af67a2039af710d92c412dabffd226c403ec6c720539a4f7aa34b0f8c7a2d3d22dc
- SSDEEP
  
  3072:/91ujsVE6yEmOCPT+wBNJjNvdMKEnv5yZN7nUZmfjWVoqnM4p:/9/VE4XCqYP3MN8IZmfjWWAM4p
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

Peripheral Device Discovery

1

T1120

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Maps connected drives based on registry

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2